EN
In the context of the feature "Token Protection" in the VideoManager Pro a signature must be generated so that videos with token protection can be played out.
One way is to generate a hash of of a key and a message. This means the request is sent as a hash and contains a time stamp, so that the hash is different every time, when it is sent.
In this section, you will learn how to generate a HMAC-SHA256 based code for this purpose.
Required Authentication Information
| Information | Description |
|---|---|
{"video-id":"%videoId%","exp-time":"%expTime%""} | The message is the basis for the calculation of the signature. It is composed as follows:
|
| Shared secret | The key can be retrieved in the security settings in your VideoManager (see "VideoManager Manual: Editing a Security Policy"). |
The following code samples shows how to calculate a HMAC signature.
Java Code Sample
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
public String generateToken(String videoId, String tokenSecret, long lifeTimeMillis) {
final String HASH_PATTERN = "{\"video-id\":\"%s\", \"exp-time\": %s}"
final String HASH_ALGORITHM = "HmacSHA256";
final long expiryTime = System.currentTimeMillis() + lifeTimeMillis;
final String tokenCalcBase = String.format(HASH_PATTERN, videoId, expiryTime);
final Mac hmac = Mac.getInstance(HASH_ALGORITHM);
final byte[] keyBytes = DatatypeConverter.parseHexBinary(tokenSecret);
final SecretKeySpec secretKey = new SecretKeySpec(keyBytes, HASH_ALGORITHM);
hmac.init(secretKey);
final byte[] hmacBytes = hmac.doFinal(tokenCalcBase.getBytes());
final String hash = String.format("%032x", new BigInteger(1, hmacBytes));
return expiryTime + "~" + hash;
}
Ruby Code-Beispiel
require 'openssl'
shared_secret = ["abc123"].pack('H*') #Hex2Bin
video_id = "212zpS6bjN77eixPUMUEjR"
exp_time = "1458396066"
message = sprintf("{\"video-id\":\"%s\", \"exp-time\": %s}", video_id, exp_time)
hmac = OpenSSL::HMAC.hexdigest('sha256', shared_secret , message)
token = exp_time + "~" + hmac
printf("\nToken: %s\n", token)
PHP Code-Beispiel
<?php
$shared_secret = "16f189853dd46d871645074c402a3458";
$exp_time = "1902840215";
$video_id = "AZBTcFzS5h2FHCBWwcLjya";
function generateToken($video_id, $exp_time, $shared_secret)
{
$data = sprintf("{\"video-id\":\"%s\", \"exp-time\": %s}" , $video_id, $exp_time);
$hash = hash_hmac ( "sha256", $data , hex2bin($shared_secret) );
$token = sprintf ("%s~%s", $exp_time , $hash);
return $token;
}
$token = generateToken($video_id, $exp_time, $shared_secret);
echo $token;
?>
Testen der HMAC-Implementierung
Mit den folgenden Parametern können Sie Ihre HMAC-Implementierung testen:
| Parameter | Beschreibung |
|---|---|
| video-ID | 212zpS6bjN77eixPUMUEjR |
| secret | abc123 |
| expTime | 1458396066 |
Mit diesen Parametern sollte folgender Token erzeugt werden:
1458396066~62dcbe0e20827245454280c51129a9f30d1122eaeafc5ce88f0fec527631f1b5